Ran into a strange issue today with two Citrix servers, both suddenly started to exhibit extremely long logins of ~3 minutes – this initially meant that users could not access any published applications on the servers due to the default LogoffCheckerStartupDelayInSeconds timeout of 60 seconds. Sessions would start, hang at the “Welcome” stage of the Citrix application startup and then the session would terminate after 60 seconds.

We modified this registry key to 180 seconds and applications would then launch, workaround in-place, but what was really causing the issue?

After a LOT of troubleshooting it was discovered that there were 100+ profile folders on the servers. We scripted cleanup of these profiles using the script below, login times dropped to ~25 seconds.

Application Virtualisation is not a new technology, yet many companies are not using it. By placing an applictaion in a ‘bubble’ you can run, for example, different version of Microsoft Office on the same PC wihtout any problems – effectively because the application isn’t actually installed.

For the purposes of this article I wanted to see how easy it would be to ‘profile’ (or package) Microsoft Office 2010 for streaming using XenApp 6.5, including configuring offline access.

Following the XenApp 6.5 deployment in my previous article I thought I’d detail how to configure Access Gateway for Storefront 1.1, I’ll also leverage the Load Balancer I configured in a previous article so essentially users will be able to login remotely using Access Gateway, then be Load Balanced by the NetScaler to an appropriate StoreFront Server on your internal network.

This article assumes you have deployed the NetScaler Appliance (instructions here) and configured basic Network Settings including a DNS Nameserver.

In this article I’ll cover setup of an internal NetScaler VPX Load Balancer for Storefront 1.1. Note that this configuration will also work with Storefront 1.0, just the Storefront MMC snap-in doesn’t work as-of the 1st April this year!

In this article I’ll briefly cover the deployment of XenApp 6.5 alongside the Citrix Licensing Server configuration, this is very much geared towards an article that I’m working on at the moment for Citrix Access Gateway (NetScaler VPX based) configuration for Storefront 1.1 and also Local Balancing Storefornt via the NetScaler VPX appliance.

What are VMACs are why use them?

VMAC’s are a useful addition in the NetScaler high availability tool set. In brief a VMAC creates a virtual MAC address that can ‘failover’ between devices. VMACs can be used to compliment the built-in HA or to create an active/active NetScaler pair.

By virtualising the MAC address there is no drop in network connectivity during failovers as the MAC address is shared across NetScaler devices – this means that the CAM table in the upstream switches does not require any update. As a result, failovers between NetScaler devices should be faster and less intrusive with regards to user sessions/connections.

VMAC’s work using a ‘priority’ – the higher priority determines ownership of the VMAC between devices. In a NetScaler HA configuration the priority of the VMAC between devices is the same, without HA it is configurable. For example if we had two NetScalers not using HA, NS1 and NS2, and a single VMAC configured on each we could set NS1 to have a priority of 100 and NS2 to have a priority of 90. NS1 would have ‘ownership’ of the VMAC because of its higher priority.

There are a couple of options when configuring VMAC’s:

If you are using the built-in NetScaler HA then you will continue to get Active/Passive HA

If you chose not to use the built-in HA feature then you can get Active/Active HA

One key benefit of using HA as well is that it synchronises the session tables across devices, without HA a failover of VMACs will disconnect Outlook Web Access users as their sessions is lost at failover, with HA sessions are kept, there is just a brief interruption to the user before they can carry on.

It is also possible to assign a VMAC to a single IP address, or group multiple IP addresses into a single VMAC. The first option allows for granularity when assigning ownership as you can assign each VMAC to a device of your choice whereas grouping the IP’s into a single VMAC reduces configuration but also reduces the options you have for splitting traffic. One option could be to group the IP’s into VMACs that represent services, so if you are load balancing multiple services via your NetScalers create a VMAC per service, i.e. Exchange 2010, Citrix Access Gateway etc.

In a NetScaler Load Balancing Exchange 2010 I covered deployment of a NetScaler device to Load Balance Exchange 2010, this is an extension fo that article – illustrating how to configure a second NetScaler device in a High Availability Pair.

In this article I’ll illustrate how to add a secondary NetScaler device and configure High Availability to ensure you have a resiliant NetScaler deployment.

This article will illustrate configuration of both a one-arm and two-arm topology for load balancing Exchange 2010 SP1 using a single NetScaler VPX (NS9.3: Build 52.3.nc). The specific focus is on a one-arm topology, however I’ll clearly outline what’s required if you decide to use a two-arm configuration; either way by the end of the article you’ll have a working deployment… I hope!

This guide assumes you have deployed the NetScaler VPX and configured an IP address – for information on how to do this see the NetScaler Deployment Article.